package com.dongdong.realm;


import com.alibaba.fastjson.JSONObject;
import com.dongdong.UserToken.UserEnums;
import com.dongdong.UserToken.UserToKen;
import com.dongdong.api.AdminServiceApi;
import com.dongdong.api.SellerServiceApi;
import com.dongdong.model.TAdmin;
import com.dongdong.model.TbSeller;
import com.dongdong.utils.HttpClientUtil;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.HashMap;

public class LoginRealm extends AuthorizingRealm {

    @Autowired
    private AdminServiceApi adminServiceApi;
    @Autowired
    private SellerServiceApi sellerServiceApi;
    //授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("执行授权认证逻辑");

/*        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.addStringPermission("movie_delete");    //给所有人删除权限
        return info;*/

        return null;

    }

    //认证（登录）
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //模拟数据库数据
//        String username = "123";   //用户名
//        String password = "123";   //密码

        System.out.println("登录认证");
        //拦截到controller认证请求  1.强转
        UserToKen token = (UserToKen)authenticationToken;

        UserEnums flag = token.getUserEnums();

        if(flag.equals(UserEnums.ADMIN)) {
            //链接数据库数据
//            TAdmin tAdmin = adminServiceApi.selectAdminByUsername(token.getUsername());//远程调用
            //将远程调用更换为httpclient
            String url = "http://localhost:8082/admin/selectAdminByUsername";
            HashMap<String, String> param = new HashMap<>();
            param.put("username",token.getUsername());
            String response = HttpClientUtil.doGet(url, param);
            TAdmin tAdmin = JSONObject.parseObject(response, TAdmin.class);

            //2.判断用户名是否存在
            if(tAdmin==null){
                return null;
            }
            //3.校验密码
            //SimpleAuthenticationInfo loginRealm = new SimpleAuthenticationInfo(tUser, tUser.getPassword(), "loginRealm");
            SimpleAuthenticationInfo loginRealm = new SimpleAuthenticationInfo(tAdmin,tAdmin.getPassword(), ByteSource.Util.bytes(tAdmin.getSalt()), "AdminUserRealm");
            System.out.println("执行登录认证逻辑");
            return loginRealm;
        }else  if(flag.equals(UserEnums.SELLER)) {
            //链接数据库数据
//            TbSeller tbSeller = sellerServiceApi.selectSellerByUsername(token.getUsername());////远程调用
            //将远程调用更换为httpclient
            String url = "http://localhost:8083/seller/selectSellerByUsername";
            HashMap<String, String> param = new HashMap<>();
            param.put("name",token.getUsername());
            String response = HttpClientUtil.doGet(url, param);
            TbSeller tbSeller = JSONObject.parseObject(response, TbSeller.class);

            //2.判断用户名是否存在
            if(tbSeller==null){
                return null;
            }
            //3.校验密码
            //SimpleAuthenticationInfo loginRealm = new SimpleAuthenticationInfo(tUser, tUser.getPassword(), "loginRealm");
            SimpleAuthenticationInfo loginRealm = new SimpleAuthenticationInfo(tbSeller,tbSeller.getPassword(), ByteSource.Util.bytes(tbSeller.getSalt()), "SellerUserRealm");
            System.out.println("执行登录认证逻辑");
            return loginRealm;
        }
        return null;
    }


















}
